排序
CVE-2024-25608: Liferay Portal – Open Redirect
漏洞标题 CVE-2024-25608: Liferay Portal - Open Redirect 漏洞描述 HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7...
2024年12月4日 17:11CVE-2024-1061: WordPress HTML5 Video Player – SQL Injection
漏洞标题 CVE-2024-1061: WordPress HTML5 Video Player - SQL Injection 漏洞描述 WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can ex...
2024年12月4日 14:48CVE-2024-0799: Arcserve Unified Data Protection – Authentication Bypass
漏洞标题 CVE-2024-0799: Arcserve Unified Data Protection - Authentication Bypass 漏洞描述 An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and ...
2024年12月4日 12:45CVE-2024-33610: Sharp Multifunction Printers – Cookie Exposure
漏洞标题 CVE-2024-33610: Sharp Multifunction Printers - Cookie Exposure 漏洞描述 It was observed that Sharp printers are vulnerable to a listing of session cookies without authenti...
2024年12月4日 02:37CVE-2024-3656: Keycloak < 24.0.5 - Broken Access Control
漏洞标题 CVE-2024-3656: Keycloak < 24.0.5 - Broken Access Control 漏洞描述 A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege ...
2024年12月3日 17:36Apache OFBiz /viewdatafile 代码执行漏洞(CVE-2024-45195)
漏洞标题 Apache OFBiz /viewdatafile 代码执行漏洞(CVE-2024-45195) 漏洞描述 Apache OFBiz是一个开源企业资源规划(ERP)系统。它提供了一套企业应用程序,集成并自动化企业的许多业务流程...
2024年12月3日 16:24CVE-2024-21644: pyLoad Flask Config – Access Control
漏洞标题 CVE-2024-21644: pyLoad Flask Config - Access Control 漏洞描述 pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can brow...
2024年12月3日 14:16CVE-2024-11238: Landray EKP – Path Traversal
漏洞标题 CVE-2024-11238: Landray EKP - Path Traversal 漏洞描述 A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function del...
2024年12月3日 13:36CVE-2024-36117: Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File Read
漏洞标题 CVE-2024-36117: Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File Read 漏洞描述 Reposilite is an open source, lightweight and easy-to-use repository manager for Maven b...
2024年12月3日 05:49CVE-2024-5522: WordPress HTML5 Video Player < 2.5.27 - SQL Injection
漏洞标题 CVE-2024-5522: WordPress HTML5 Video Player < 2.5.27 - SQL Injection 漏洞描述 The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a param...
2024年12月3日 05:39CData Arc /ui 目录遍历漏洞 (CVE-2024-31850)
漏洞标题 CData Arc /ui 目录遍历漏洞 (CVE-2024-31850) 漏洞描述 CData Arc 是一个 Web 应用程序,它提供了一套用于创建、执行和监控自定义数据集成流的连接器。CData Arc < 23.4.883...
2024年12月3日 01:41CVE-2024-8856: WP Time Capsule Plugin – Remote Code Execution
漏洞标题 CVE-2024-8856: WP Time Capsule Plugin - Remote Code Execution 漏洞描述 The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploa...
2024年12月2日 19:00CVE-2024-34982: LyLme-Spage – Arbitary File Upload
漏洞标题 CVE-2024-34982: LyLme-Spage - Arbitary File Upload 漏洞描述 An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attacker...
2024年12月2日 04:52CVE-2024-27956: WordPress Automatic Plugin <= 3.92.0 - SQL Injection
漏洞标题 CVE-2024-27956: WordPress Automatic Plugin <= 3.92.0 - SQL Injection 漏洞描述 The Automatic plugin for WordPress is vulnerable to SQL Injection in versions up to, and i...
2024年12月1日 16:32CVE-2024-53900: Mongoose < 8.8.3 - Remote Code Execution
漏洞标题 CVE-2024-53900: Mongoose < 8.8.3 - Remote Code Execution 漏洞描述 Mongoose before 8.8.3 can improperly use $where in match, leading to search injection. PoC代码
2024年11月30日 00:27CVE-2024-6460: WordPress Grow by Tradedoubler Plugin < 2.0.22 - Unauthenticated Local File Inclusion
漏洞标题 CVE-2024-6460: WordPress Grow by Tradedoubler Plugin < 2.0.22 - Unauthenticated Local File Inclusion 漏洞描述 The Grow by Tradedoubler WordPress plugin through version ...
2024年11月29日 23:12
